SSL Accelerated Service Configuration Mode Commands

SSL accelerated services lets you enable and configure SSL acceleration on your WAAS system, and define services to be accelerated on the SSL path. To configure secure socket layer (SSL) encryption accelerated services on a WAAS device, use the crypto ssl services accelerated-service global configuration command. To delete a parameter use the no form of the command.

crypto ssl service accelerated-service service-name

no crypto ssl service accelerated-service service-name

Syntax Description

service-name

Name of the accelerated service that you want to create or edit. The service list name may contain up to 128 characters.

Defaults

No default behavior or values.

Command Modes

global configuration

Device Modes

application-accelerator

central-manager

Usage Guidelines

Use the crypto ssl services accelerated-service command to add and configure an accelerated service. The crypto ssl services accelerated-service command initiates accelerated service configuration mode, as indicated by the following prompt:

WAE(config-ssl-accelerated)#

Within SSL accelerated service configuration mode, you can use SSL accelerated service configuration commands. To return to global configuration mode, enter exit at the accelerated service configuration mode prompt.

Examples

The following example shows how to create or edit an accelerated service called myservice. If the service is already established on the WAAS device, the crypto ssl services accelerated-service command edits it. If the service does not exist, the crypto ssl services accelerated-service command creates it:

Usage Guidelines

Examples

The following example shows how to enter SSL accelerated service configuration mode, and then create or edit a cipher list called myciphers. If the cipher list is already established on the WAAS device, the cipher-list command edits it. If the cipher list does not exist, the cipher-list command creates it:

Related Commands

(config-ssl-accelerated) client-version-rollback-check

To disable the client SSL version rollback check, use the client-version-rollback-check command.

client-version-rollback-check disable

Syntax Description

disable

Disables the client SSL version rollback check.

Defaults

No default behavior or values.

Command Modes

SSL accelerated service configuration

Device Modes

application-accelerator

central-manager

Usage Guidelines

If a non-RFC 2246 compliant client passes the incorrect client version in the SSL message, a bad record MAC SSL handshake failure may occur. The SSL accelerator terminates such connections. In this case, you can disable the client version rollback check which allows these connections to be optimized.

Examples

The following example shows how to enter SSL accelerated service configuration mode, and then disable the client SSL version rollback check: